brain-hackers_pepepper-mirror
/
u-boot-brain
mirror of https://github.com/brain-hackers/u-boot-brain
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
73,508 Commits 45 Branches 255 Tags 240 MiB
Commit Graph

6 Commits

Author SHA1 Message Date
Usama Arif e61b41517d avb: Make AVB independent of fastboot 
AVB only uses CONFIG_FASTBOOT_BUF_ADDR from fastboot for memory.
This memory is used for assigning temporary buffers.
This can be assigned a new variable and used as CONFIG_AVB_BUF_ADDR.
This is to support future boards that support AVB but dont support
USB and therefore dont support FASTBOOT.

Signed-off-by: Usama Arif <usama.arif@arm.com>
Cc: Igor Opaniuk <igor.opaniuk@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Acked-by: Igor Opaniuk <igor.opaniuk@gmail.com>
[trini: Change defaults]
Signed-off-by: Tom Rini <trini@konsulko.com>
 2020-08-24 14:11:13 -04:00
Simon Glass 0528979fa7 part: Drop disk_partition_t typedef 
We should not be using typedefs and these make it harder to use
forward declarations (to reduce header file inclusions). Drop the typedef.

Signed-off-by: Simon Glass <sjg@chromium.org>
 2020-05-18 17:33:33 -04:00
Jens Wiklander bbddbef998 avb_verify: support sandbox configuration 
Change get_sector_buf() to use map_sysmem() to get a pointer to the
CONFIG_FASTBOOT_BUF_ADDR in memory.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
 2018-10-07 11:07:26 -04:00
Jens Wiklander 6663e07478 avb_verify: support using OP-TEE TA AVB 
With CONFIG_OPTEE_TA_AVB use the trusted application AVB provided by
OP-TEE to manage rollback indexes and device-lock status.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
 2018-10-07 11:07:25 -04:00
Igor Opaniuk 5d4fd87773 avb2.0: add boot states and dm-verity support 
1. Add initial support of boot states mode (red, green, yellow)
2. Add functions for enforcing dm-verity configurations

Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
 2018-06-18 13:55:13 -04:00
Igor Opaniuk 3af30e4443 avb2.0: implement AVB ops 
Implement AVB ops on top of existing mmc subsystem API. Currently there
is a full implementation of such operations, defined by [1]
AVB2.0 specification:

.read_from_partition() - reads N bytes from a partition identified by
a name.
.write_to_partition() - Writes N bytes to a partition identified by a name.
.validate_vbmeta_public_key() - checks if the given public ‘vbmeta’
partition is trusted.
.get_unique_guid_for_partition() - Gets the GUID for a partition identified
by a string name.

As [1] specification recommends to use tamper-evident storage for storing
rollback indexes and device state (LOCKED/UNLOCKED),
currently are only stubs instead of full implementation for these ops:
.read_rollback_index() - Gets the rollback index for a given index location
.write_rollback_index() - Sets the rollback index to a given location
.read_is_device_unlocked() - Gets where the device is unlocked

[1] https://android.googlesource.com/platform/external/avb/+/master/README.md

Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
 2018-06-18 13:55:13 -04:00